Class JceKeyCipher

java.lang.Object
com.amazonaws.encryptionsdk.internal.JceKeyCipher

public abstract class JceKeyCipher extends Object
Abstract class for encrypting and decrypting JCE data keys.
  • Method Details

    • aesGcm

      public static JceKeyCipher aesGcm(SecretKey secretKey)
      Returns a new instance of a JceKeyCipher based on the Advanced Encryption Standard in Galois/Counter Mode.
      Parameters:
      secretKey - The secret key to use for encrypt/decrypt operations.
      Returns:
      The JceKeyCipher.
    • rsa

      public static JceKeyCipher rsa(PublicKey wrappingKey, PrivateKey unwrappingKey, String transformation)
      Returns a new instance of a JceKeyCipher based on RSA.
      Parameters:
      wrappingKey - The public key to use for encrypting the key.
      unwrappingKey - The private key to use for decrypting the key.
      transformation - The transformation.
      Returns:
      The JceKeyCipher.
    • encryptKey

      public EncryptedDataKey encryptKey(byte[] key, String keyName, String keyNamespace, Map<String, String> encryptionContext)
      Encrypts the given key, incorporating the given keyName and encryptionContext.
      Parameters:
      key - The key to encrypt.
      keyName - A UTF-8 encoded String representing a name for the key.
      keyNamespace - A UTF-8 encoded value that namespaces the key.
      encryptionContext - A key-value mapping of arbitrary, non-secret, UTF-8 encoded strings used during encryption and decryption to provide additional authenticated data (AAD).
      Returns:
      The encrypted data key.
    • decryptKey

      public byte[] decryptKey(EncryptedDataKey edk, String keyName, Map<String, String> encryptionContext) throws GeneralSecurityException
      Decrypts the given encrypted data key.
      Parameters:
      edk - The encrypted data key.
      keyName - A UTF-8 encoded String representing a name for the key.
      encryptionContext - A key-value mapping of arbitrary, non-secret, UTF-8 encoded strings used during encryption and decryption to provide additional authenticated data (AAD).
      Returns:
      The decrypted key.
      Throws:
      GeneralSecurityException - If a problem occurred decrypting the key.
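
Added usage example (not part of the SDK's own documentation or code): it wraps a data key with the aesGcm variant and shows the encryption context acting as AAD, so decrypting with a different context is expected to fail with a GeneralSecurityException. It assumes the AWS Encryption SDK for Java is on the classpath; the class name JceKeyCipherAadExample, the key name, the namespace and the context values are hypothetical.

```java
import com.amazonaws.encryptionsdk.EncryptedDataKey;
import com.amazonaws.encryptionsdk.internal.JceKeyCipher;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class JceKeyCipherAadExample {
    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample inputs: a fresh 256-bit AES wrapping key and a random data key.
        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(256);
        SecretKey wrappingKey = generator.generateKey();
        byte[] dataKey = new byte[32];
        new SecureRandom().nextBytes(dataKey);

        // Hypothetical names and context values, chosen for this example only.
        String keyName = "example-wrapping-key";
        String keyNamespace = "example-namespace";
        Map<String, String> context = Collections.singletonMap("tenant", "alpha");

        JceKeyCipher cipher = JceKeyCipher.aesGcm(wrappingKey);
        EncryptedDataKey edk = cipher.encryptKey(dataKey, keyName, keyNamespace, context);

        // Same key name and same encryption context: the data key is recovered.
        byte[] recovered = cipher.decryptKey(edk, keyName, context);
        System.out.println("round trip ok: " + Arrays.equals(dataKey, recovered));

        // A different context means different AAD, so authenticated decryption
        // should be rejected instead of returning key material.
        Map<String, String> changed = Collections.singletonMap("tenant", "beta");
        try {
            cipher.decryptKey(edk, keyName, changed);
            System.out.println("unexpected: decrypt succeeded with a different context");
        } catch (GeneralSecurityException e) {
            System.out.println("rejected: " + e.getClass().getSimpleName());
        } finally {
            // Clear plaintext key material once it is no longer needed.
            Arrays.fill(recovered, (byte) 0);
            Arrays.fill(dataKey, (byte) 0);
        }
    }
}
```

Callers should treat the GeneralSecurityException from decryptKey as a hard failure and never fall back to decrypting without the original encryption context.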